curl-users
SSL error on curl request
Date: Tue, 21 Aug 2007 16:28:25 -0500
Hi!
I am attempting to ftp over ssl but my ssl auth is getting rejected.
I have grabbed the latest mozilla headers and pointed implicitly to them but there may be another problem.
I am issuing the command line of:
/opt/TWWfsw/bin/curl -v -k --cacert /tmp/cacert.pem --ftp-ssl -u cg153200 -B ftp://ftpst.mytargetsite.com:20021//cg153201/k100.rexel.x340
Does this make sense?
Enter host password for user 'cg153200':
== Info: About to connect() to ftpst.mytargetsite.com port 20021
== Info: Trying 170.135.128.149... == Info: connected
== Info: Connected to ftpst.mytargetsite.com (170.135.128.149) port 20021
<= Recv header, 99 bytes (0x63)
0000: 220 <<<Connect:Enterprise UNIX 2.4.02 Secure FTP>>> at ceweba1u
0040: FTP server ready. Time = 16:20:57
=> Send header, 10 bytes (0xa)
0000: AUTH SSL
<= Recv header, 24 bytes (0x18)
0000: 234 AUTH TLS-P/SSL OK.
== Info: found 94 certificates in /tmp/cacert.pem
== Info: server certificate verification FAILED
== Info: common name: ftpst.usbank.com (matched)
== Info: certificate public key: RSA
== Info: certificate version: #3
== Info: subject: C=US,ST=Minnesota,L=St. Paul,O=U.S. Bank,OU=Data_Distribution_Services_ceweba1u_SSL,OU=Terms of use at www.verisign.com/rpa (c)05,CN=ftpst.usbank.com
== Info: start date: Mon, 08 May 2006 00:00:00 GMT
== Info: expire date: Thu, 07 May 2009 23:59:59 GMT
== Info: issuer: O=VeriSign Trust Network,OU=VeriSign\, Inc.,OU=VeriSign International Server CA - Class 3,OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
== Info: compression: NULL
== Info: cipher: 3DES 168 CBC
== Info: MAC: SHA
=> Send header, 15 bytes (0xf)
0000: USER cg153200
<= Recv header, 37 bytes (0x25)
0000: 331 Password required for cg153200.
=> Send header, 15 bytes (0xf)
0000: PASS ********** <= Recv header, 66 bytes (0x42)
0000: 230 Connect:Enterprise UNIX login ok, access restrictions apply.
=> Send header, 8 bytes (0x8)
0000: PBSZ 0
<= Recv header, 16 bytes (0x10)
0000: 200 PBSZ 0 OK.
=> Send header, 8 bytes (0x8)
0000: PROT P
<= Recv header, 46 bytes (0x2e)
0000: 200 PROT P OK, data channel will be secured.
=> Send header, 5 bytes (0x5)
0000: PWD
<= Recv header, 39 bytes (0x27)
0000: 257 "/cg153200" is current directory.
== Info: Entry path is '/cg153200'
=> Send header, 15 bytes (0xf)
0000: CWD /cg153201
<= Recv header, 29 bytes (0x1d)
0000: 250 CWD command successful.
=> Send header, 6 bytes (0x6)
0000: EPSV
== Info: Connect data stream passively
<= Recv header, 37 bytes (0x25)
0000: 500 'EPSV': command not understood.
== Info: disabling EPSV usage
=> Send header, 6 bytes (0x6)
0000: PASV
<= Recv header, 51 bytes (0x33)
0000: 227 Entering Passive Mode (170,135,128,149,82,10)
== Info: Trying 170.135.128.149... == Info: connected
== Info: Connecting to 170.135.128.149 (170.135.128.149) port 21002
=> Send header, 8 bytes (0x8)
0000: TYPE A
<= Recv header, 20 bytes (0x14)
0000: 200 Type set to A.
=> Send header, 22 bytes (0x16)
0000: SIZE k100.rexel.x340
<= Recv header, 69 bytes (0x45)
0000: 550 Operation is not supported under Connect:Enterprise FTP serv
0040: er.
=> Send header, 22 bytes (0x16)
0000: RETR k100.rexel.x340
<= Recv header, 61 bytes (0x3d)
0000: 150 Opening ASCII mode data connection for k100.rexel.x340.
== Info: Doing the SSL/TLS handshake on the data stream
== Info: found 94 certificates in /tmp/cacert.pem
== Info: SSL re-using session ID
== Info: server certificate verification FAILED
== Info: common name: ftpst.mytargetsite.com (matched)
== Info: certificate public key: RSA
== Info: certificate version: #3
== Info: subject: C=US,ST=Minnesota,L=St. Paul,O=U.S. Bank,OU=Data_Distribution_Services_ceweba1u_SSL,OU=Terms of use at www.verisign.com/rpa (c)05,CN=ftpst.mytargetsite.com
== Info: start date: Mon, 08 May 2006 00:00:00 GMT
== Info: expire date: Thu, 07 May 2009 23:59:59 GMT
== Info: issuer: O=VeriSign Trust Network,OU=VeriSign\, Inc.,OU=VeriSign International Server CA - Class 3,OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
== Info: compression: NULL
== Info: cipher: 3DES 168 CBC
== Info: MAC: SHA
== Info: Getting file with size: -1
<= Recv data, 1932 bytes (0x78c)
0000: -----BEGIN PGP MESSAGE-----
001d: Version: GnuPG v1.0.7 (GNU/Linux)
0040:
0042: hQIOA+fepstMZq3sEAf9GTYbCojzrDWqtzNDVWHMDY0yXsPm3r8/sXtrj3yoXC5U
0084: 7L1xRmN2wTz7SZK5selVMFR2qw40qato30ojg4ltkwwEmMWJuqvsPkJsE2xX2s+1
00c6: OIMoRHq8vl90Uy+ogMqV2omUe7hGEwVfe9kZBWan3g5ZkBR7sN7RgApsTIsdRCqm
0108: iJxr2lASJ3YlM0ahruQX25CKkTQ2wnPqzU8GdO/iFam85ny2c9VgehBa4xmzu78d
014a: Sd4jnSWOXMFKR0AtKz83SQdjIZqEz4O+mOFMkuxghloFzHWcp7bidK7NzQFq9iVt
018c: NzK8WrMmiANOUpvszm1pr4+NGQMujw89cbToV8jvNQf/YeeafRVckCEY0q9UeIBl
01ce: cw8T7h4zh8vWjs8c6mTlr9+Q+TyDRxXRQTCl2q0wBy353hO++i/Q9V1WN75Sie2H
0210: Uh65zCAKzT1KjxiLPoK0UMMUhGUCnyjFbabG5+4gfhYeUh5KHbHdzttgBrZRhknb
0252: R9Rzx7T5bmgfZybmOYj9Ag+y/lcYkCk+gClvFEVIDfic0oLmhvlmvHYpoleR6nCu
0294: ryVtRl6cvQyHqycQXuTnUgKA9XWnQ7ahc3xEw+d6F1Bh9VmvkHUPjoIcz8jIjvT1
02d6: COlJz55a5pxwFie8Shxoz8evnYkQYL0QsirhOUdw7FquoVF14Vb954Mxn4zhisXu
0318: tsnps+ylcKKJx+1fY1e/1uYTeSFTbDMRbXeoG8a+KeepWGdS6Z5V5CvLvRN72ApH
035a: vDG/+GGZ7TLVUz6q8dBSK/CMGJQnlpYVgjbBScja+YNUsxJe+zDobJV/CqTewYCO
039c: 7FXYCinzijwzQnxCSC0QU/08HBX5pC+bV+qkJAPwZCK71kn/lgb/bJ/O/a2vBfzs
03de: OWtZBsMRWwgvjhgTZcEl6tewddzJ0ROBRjme4Rw2Y3o/xCh/VwQm5JuE8HC1BJoi
0420: uZij2kKmkvot3pmQn9RO7cnKgqCFmIjOToBsu0vqryhDs7hGA3Ia3nGXQAwSA5Si
0462: vGbyN42VLiLlTEiEtCTaK2PvqCQkrD3Fb1mbCVJpMiHO71etBU/ynEWTtpJ1Rfg/
04a4: 6o68s+mLqxp0Eh7Y/3ioGR9u4keA0sEg9acagf9n0QHO7QuYUDUjaGKbPcUMPJsz
04e6: fCInVQK4lNnXStoJp96iXi681gQ1Bnp4yLQNTKpkEMR7Lpp7RA1MacoxvWtn5A1G
0528: AUx+878iiFe7BM9wa54rI4KvL0afYmYH8olLOnV6uLQzaNHEpxYWDoFQnhE/qLXJ
056a: M6QqN9ISWZgHu10f9l2Q9kv6fc5ALkycNq5U54xdRP8zet2lfTbPDB/SsBJMcyXw
05ac: 69NCt6qAj449xefcnDjeJZCuJueZcxJFnlc5/noDtpTHqD3AX/9JG2p8T07F3LiM
05ee: UHDiXLm6g8PyCXGrgg0UfMvC7cWTq9HWuIYU6/sU2r+iEPVT6/yzYql5ej9XJEz5
0630: U0IrifndY2JU8Bxcy7737AFGfoJWvZmNuFkKtVpUrT0eRudVCfxAWAvENLzza+Ai
0672: TSAYYs/EWOQko9Sb4SnFvk2GJGbjjnndXVJkC0Y3JkUgKaNgbjsfODUfcP3Xiyzf
06b4: mZMyOlhI3WcvGm8dH8jxL8BvtJa1FXiNSYQCcaa893h/oWRTC4FoAld86PYB9PL4
06f6: Z9HVl4uEUB+SGeYdJnZ8AzZLpiB6OINQc4BPCrjgeD9J4ZyrbgcLzBiKumnJ4f6a
0738: xtTDIaP0xxgP0Q03RTtdxF35gOW1GdVakzbJ0M2cy/ieYMRA
076a: =6JYY
0771: -----END PGP MESSAGE-----
TIA,
Joseph H. Terrell
jterrell_at_RexelUSA.com
Unix Systems Admin
RexelUSA
6606 LBJ Freeway
Dallas TX, 75240
Received on 2007-08-21